The Food and Drug Administration has issued a long-awaited final version of guidance for how medical device manufacturers should help maintain the cybersecurity of network-connected devices once they are in use, spelling out key steps to take.
Will more "historical" breaches be revealed in 2017 and beyond? Data breach expert Troy Hunt is optimistic that such revelations will become rare as large businesses operating online continue to improve security. But what about small and mid-size organizations?
With the rise of malware infecting IoT devices, DDoS defenders "have to assume that the attackers have an unlimited supply of machines that they can compromise," says Akamai's Michael Smith. But quarantines, ISP feedback loops and better patch management can bolster defenses.
Security software often generates so many warnings that it can be difficult to figure out which ones are the most serious. How can one differentiate good intelligence from bad? John Watters, founder of iSight Partners, discusses how to separate the signal from the noise.
In this special edition of the ISMG Security Report, DataBreachToday Executive Editor Mathew Schwartz discusses the Russian groups behind damaging hacks against the U.S. and Strategic Cyber Ventures CEO Tom Kellermann details cyberthreats posed by the West's nation-state adversaries.
Cyber espionage groups are using unconventional channels to hack target organizations, according to Mandiant' s latest research. Trusted service provider relationships are being exploited to compromise organizations in government and defense, says Rob van der Ende, Mandiant's vice president for Asia Pacific and Japan.
Hacks sponsored by nation-states and attacks fueld by IoT-powered botnets are just some of the daunting threats we will see in 2017, says cybersecurity thought leader Tom Kellermann. What are his top predictions, and how should security leaders respond?
President Barack Obama has signed the National Defense Authorization Act, legislation that includes a provision he opposes to leave the leader of the newly-elevated U.S. Cyber Command as the head of the National Security Agency as well.
Community Health Plan of Washington, a not-for-profit insurance company, says a security vulnerability on the computer network of a business associate resulted in a breach affecting nearly 400,000 individuals.
A variant of malware used to infect U.S. Democratic National Committee systems was also used to infect an Android app used by Ukraine's artillery forces, bolstering attribution of both attacks to Russia, says cybersecurity firm Crowdstrike.
As cybercriminals continue to wage more sophisticated, well-funded attacks, it's more urgent than ever to attract qualified professionals to careers in cybersecurity, Symantec CTO Dr. Hugh Thompson says in this audio interview.
The Shadow Brokers is offering more Equation Group attack tools for sale, payable in bitcoins. Experts say the dump appears designed to deflect attention from Russia's alleged meddling in this year's U.S. presidential election, but it may have originated from a rogue NSA insider.
Leading this latest edition of the ISMG Security Report: The growing momentum in Congress to establish a select committee to investigate breaches the American intelligence community has tied to the Kremlin to influence the U.S. presidential election.
The County of Los Angeles is notifying 756,000 individuals of a breach stemming from a phishing scheme that tricked more than 100 county employees. Bank account and payment card information, Social Security numbers and health-related information was potentially exposed.
Fifty-nine percent of security leaders believe their current ransomware defenses are above average or superior. Yet 53 percent also have been victim of ransomware attacks in the past year. Eduardo Cabrera of Trend Micro discusses this and other results of the Ransomware Response Study.